From 45df4d0d9b577fecee798d672695fe24ff57fb1b Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Tue, 15 Jul 2025 16:37:08 -0600
Subject: feat: migrate from Cedar to SpiceDB authorization system

This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.

Key changes:

- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization

This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.

Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.
---
 vendor/windows-core/src/ref.rs | 60 ------------------------------------------
 1 file changed, 60 deletions(-)
 delete mode 100644 vendor/windows-core/src/ref.rs

(limited to 'vendor/windows-core/src/ref.rs')

diff --git a/vendor/windows-core/src/ref.rs b/vendor/windows-core/src/ref.rs
deleted file mode 100644
index fa70852c..00000000
--- a/vendor/windows-core/src/ref.rs
+++ /dev/null
@@ -1,60 +0,0 @@
-use super::*;
-use core::mem::transmute;
-
-/// A borrowed type with the same memory layout as the type itself that can be used to construct ABI-compatible function signatures.
-#[repr(transparent)]
-pub struct Ref<'a, T: Type<T>>(T::Abi, core::marker::PhantomData<&'a T>);
-
-impl<T: Type<T>> Ref<'_, T> {
-    /// Returns `true` if the argument is null.
-    pub fn is_null(&self) -> bool {
-        T::is_null(&self.0)
-    }
-
-    /// Converts the argument to a [`Result<&T>`] reference.
-    pub fn ok(&self) -> Result<&T> {
-        self.as_ref()
-            .ok_or_else(|| Error::from_hresult(imp::E_POINTER))
-    }
-
-    /// Converts the argument to a [`Option<&T>`] reference.
-    pub fn as_ref(&self) -> Option<&T> {
-        if self.is_null() {
-            None
-        } else {
-            unsafe { Some(self.assume_init_ref()) }
-        }
-    }
-
-    /// Converts the argument to a `&T` reference.
-    ///
-    /// # Panics
-    ///
-    /// Panics if the argument is null.
-    #[track_caller]
-    pub fn unwrap(&self) -> &T {
-        self.as_ref().expect("called `Ref::unwrap` on a null value")
-    }
-
-    /// Converts the argument to an [`Option<T>`] by cloning the reference.
-    pub fn cloned(&self) -> Option<T> {
-        self.as_ref().cloned()
-    }
-
-    unsafe fn assume_init_ref(&self) -> &T {
-        unsafe { T::assume_init_ref(&self.0) }
-    }
-}
-
-impl<T: Type<T>> core::ops::Deref for Ref<'_, T> {
-    type Target = T::Default;
-    fn deref(&self) -> &Self::Target {
-        unsafe { transmute(&self.0) }
-    }
-}
-
-impl<'a, T: Type<T>> From<&'a T::Default> for Ref<'a, T> {
-    fn from(from: &'a T::Default) -> Self {
-        unsafe { core::mem::transmute_copy(from) }
-    }
-}
-- 
cgit v1.2.3